this post was submitted on 06 Dec 2024
50 points (100.0% liked)

Cybersecurity

1 readers
53 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

founded 2 years ago
MODERATORS
 

All Windows Workstation and Server versions from 7 to the latest 11 v24H2 and Server 2022 are affected by a zero-day vulnerability.

#cybersecurity #Windows #vulnerability #CyberAttack #infosec

https://cnews.link/windows-zero-day-attackers-can-steal-ntlm-credentials-1/

top 4 comments
sorted by: hot top controversial new old
[–] [email protected] 4 points 2 weeks ago (1 children)

I wonder if 0patch will become trusted enough for people to hang on to their Windows 10 machines into the future.

[–] [email protected] 4 points 2 weeks ago (1 children)

That's a big hill to climb.

Enterprise will always upgrade as usual. Besides, those are all domain based systems if my memory is right, NTLM is only used for local accounts.

Even SMB runs a domain - it's just easier to manage access control.

This issue just pushes me to setup a domain for home use.

[–] [email protected] 2 points 2 weeks ago

NTLM is enabled in some domain based environments. I have to enable it for several service accounts used for connecting legacy appliances. If it "works" Goodluck getting the business to upgrade.

[–] [email protected] 2 points 2 weeks ago

Seems a bad one.